What’s even crazier is that I saw methods on bypassing kernel level anticheats 5 years ago. The BF6 kernel level anticheat was bypassed in the first hours of beta.
It seems wildly dangerous for the almost no effect it brings to the table when it comes to cheat sellers.
EDIT: IMO the future are AI anticheats, something to similar in what we sas in Battlefield 4. It doesn’t stand on your PC, it analyzes your playing behaviour on server side and bans you if you’re sus. I’m not talking about LLMs, but deep learning anti-cheat.
You can always use hardware cheats. You can use a second device to read memory and video feed, then pass back ESP information directly onto the monitor, or even control inputs.
I wouldn’t be surprised if such devices are already available for mainstream consumers. Kernel-level anticheat is a joke.
Games dont belong in the kernel. Shit should have stayed in userspace. No, I dont care how many billions are on the line, games are not that important.
alternative: Games do not belong on computers that do non-game things.
Anyway, this is going to be resolved as soon as north korea finds out who many people have important stuff on PC they game on, and hack some hapless devs source to install a rootkit on 100m PCs via steam.
I don’t think you understand people don’t have money to buy one computer to work, one to play, or a console to play. People are cheap that way, when it comes to food or a gaming console they choose food.
With Linux, that’s impossible. However, I will say that you won’t need to worry about these privacy invading rootkits disguising themselves as anti-cheats (Ricochet, EA’s Ring 0 malware, EAC, Battleye, etc.).
between the toxic communities, over monetization, and this kind of crap, I have been done with online competitive games for years. Anti-Cheating is going to always be a cat and mouse game, with the cheaters winning all the time. Anti-Cheat will always be reacting to whatever the new method of cheating is and humans are very innovative when they want to be.
I feel I would rather just opt out of playing these games. It ain’t worth it.
I feel like they should just host the entire game and stream it to players if they want to eliminate cheating, but that’s probably the most anti-SKG way to publish a game possible. Oh well.
Actually makes it easier to write aimbots and triggerbots, since you’ll have the video feed and can respond with the right inputs. Skips the step where you’ve got to film the monitor on the machine that’s ‘playing’ the game, which is protected by the HDCP between the PC and the screen.
To be honest I haven’t thought about this much because playing online games with strangers is not something I enjoy in the first place. I’m sure others have good ideas, though.
Seeking a technical solution to a non-technical problem. Rather than having one set of company-hosted servers that they then struggle to police, just let everyone host their own, and they can be responsible for banning anyone that doesn’t follow the community rules.
Yeah I wish we could go back to a model like that, the way PC gaming used to be. The sticking point would be battle pass progression, as mush as I hate it and an FPS is pretty much doa without it, although Hell Let Loose allows for rank progression while playing on clan-rented servers so it should work in theory.
The types of cheats that anti cheat in kernel space are trying to detect don’t view the video feed as such. They hook the process directly to read the memory, and the chest developer has reverse engineered the game binary to find out what variables correspond to things like opposing players, then using that information they draw stuff like wall hacks on the screen.
But yeah I guess an fps developer could move to a GeForce now type of model to eliminate cheats like that, but then no one would play that fps because of the input lag issues.
Yeah, just like ODST and Reach Firefight, there is no player count spawnrate modifier, so it’s all balanced around playing with 4 players, thus try it solo or even with 2 players is pretty miserable.
My son wanted to play the Battlefield open beta over the weekend. It legitimately took me 4 hours to get their shitty kernel anti-cheat shit working. I can’t imagine the average non-technical person being able to do that just to play a game.
What’s funny is battlefield to me was always just a chill game I used to play to do whatever. More for fun and blowing off steam with very little consequence of death. Like if someone was cheating in battlefield i hardly ever care. I also don’t remember a huge ranked or competitive scene for the battlefield genre but I could be ootl cause I haven’t played since 4
Compared to games like Tarkov or DayZ which have a lot more consequence tied to death.
I wish i could be zen like you. I hate dying in any game I JUST WANT TO KILL. Tryna rack up high scores, when I get killed it’s a big bummer, and dying by a cheater just makes it a WAY BIGGER bummer because it wasn’t even a fair fight.
I came home pre early access and saw that I could play if I just watched some stream on twitch for 30 minutes. So I did. Got the code and it did not work. Started up the game and it was locked until early access/ next day.
Went to bed and tried again on early access. Now the game won’t even start, claiming it needs secure boot to be on. I have secure boot on.
These anti-cheats don’t even work. Anyone can go out and buy a hardware DMA card with an FPGA on it, which is basically a modern day Action Replay. It has full access to RAM without touching the OS and cheaters like to use them to get around anti-cheat.
yeah, i haven’t done tech support in a hot minute either and had to look up some shit too. All that makes sense, although I don’t recall it existing in the early 90s when I actually thought I knew what i was talking about.
You just put me on a rabbit hole of looking at what FPGA means. Are these cheaters buying their cards already made? Learning such magic to cheat in games seems very weird.
Is “Mister FPGA” an FPGA because it can reprogram its “internal logic” to be as the gaming chips from the consoles?
How come people know so much? Dang here I thought being a computer wizard was one thing and you shattered my expectations
An FPGA is essentially a reprogrammable computer chip, or integrated circuit (IC), that can behave as another computer chip. It is widely used in the development of new ICs.
The MiSTer FPGA project uses an off-the-shelf Altera DE10-nano development board, which has a combo FPGA + ARM SoC on it. The OS, USB controller input, and some other stuff runs on the ARM core, and the FPGA is reprogrammed upon launching a core to behave as closely as possible to the original hardware that it’s emulating.
FPGAs can either be pre-programmed or programmed on-the-fly. In consumer hardware, FPGAs and CPLDs (essentially weak FPGAs) are used when you need an IC produced in small scale, or when you need to be able to change the functionality of the IC with updates.
People know so much because they take the time to learn, and it does take a lot of time and patience.
Nothing that takes significant amounts of time to accomplish is easy. Many people go to school specifically to learn about FPGA development (Computer Engineering students specifically).
Proof is in cheaters existing on day one of battlefield 6 open beta. Client side anti-cheat will never work. It’s good to have some basic preventative measures client-side, but server-side anti cheat is the only way to properly prevent cheaters.
Unfortunately companies keep investing in garbage client side anticheat that just pokes security holes into our machines.
Only Valve to my knowledge is investing money into their server side anti cheat, no other big player is to my knowledge.
It needs to be a mix. Have your clientside anti-cheat look for obvious attack vectors, have your serverside anti-cheat look for suspicious play, and let users report others. Then have humans review suspected cheaters and make the final call.
But that’s expensive, and off-the-shelf anti-cheat gives them someone else to blame.
I agree, there’s definitely some checks you can only do on the client and only some that work server-side. Ideally everything that can be checked on either, are checked.
Currently it’s just all wrong, the client-side can’t be relied upon as heavily as it is.
The benefit factor to the rootkits they install on our machines is nil. Just bloats our systems with garbage that is just waiting to be exploited by hackers.
You're viewing from the perspective of what would be best for the playerbase. These decisions are made based on what's the cheapest possible solution to have the playerbase shut up about cheaters so they wouldn't drive away potential customers.
I would think there’s money to gain by keeping your players engaged longer by having less cheaters, but I guess theres also an incentive to keep just enough cheaters that you can steadily ban them for more game sales (not that I think that’s happening, i hope not).
Anyways they take our money, we expect whats best for us, within reason of course.
I doubt the revenue from sales to cheaters is that significant compared to the risk of losing players. I think the simplest explanation is that catching cheaters is hard (read: expensive), so they’re happy with catching the most obvious cheaters with off the shelf solutions (i.e. the Pareto principle).
I refuse to play them. If they want kernel level anticheat, they can submit the source under the GPL to the Linux kernel devs for consideration, because that’s the only way I’d consider using it. No game is worth compromising my system’s security.
That’s only proof that it will never be enough to stop all cheating. But if the metric is if it reduces cheating then that proves nothing. Not saying I have proof that it does reduce cheating but I would personally bet on it reducing it somewhat at least.
It definitely reduces cheating, but mostly just by raising the bar of entry (not by that much as evident in day 1 cheats being present). I doubt it’s effectiveness though, since most games you can do some quick research and find $5 cheats that will go undetected (hell even free cheats can work if you do a little more research on doing the injection part manually yourself).
You can also never stop cheating, but the anti-cheat they install on your computer is just an extra attack vector for hackers, etc at this point, since it obviously doesnt work as intended.
Hopefully they start to learn from this at some point… they should realise that their current anti-cheat systems are not working as intended at some point right?
Battlefield will lose sales, every game definitely loses players because of cheater infestations. Lots of money lost in my eyes, is it enough to make them see straight?
Valves anti-cheat doesn’t really do anything though, at least not in CS2. It does like to boot me from the game from time to time because I’m playing on Linux though.
True VAC alone is not great (nothing really is), but CS2 (in my opinion) has one of the best systems against abuse, even though legit players like myself can get stuck in low trust factor sometimes.
VAC, trust factor, overwatch (player report reviewing, not sure if this was discontinued) all work together.
Hopefully a big improvement is to come soon with the VAC Live agents that monitor games using AI to predict likely cheaters.
Valve obviously has a big interest in keeping cheaters out, because their skin economy makes them boatloads (literally hehe) of money. I think they are the only company going down this road right now of AI agents, which is unobtrusive to users and should hopefully keep up VACs high accurate ban rate (which is at least a good thing about VAC, when you are banned, in almost all cases, you were indeed cheating (low fase positives)).
I do recognize though that AI agents likely comes with a high cost and may only be implemented in other highly competitive games that make lots of money.
There probably exist other methods, but it’ll take more investment in designing adaptable systems that can work on many games.
I do report a lot of cheaters, but I never know if it even does anything. I pretty much only play casual anyways. The worst is when someone is obviously cheating, and no one votes to kick them, or some special types actually vote against kicking the cheater so they can win …
ETA: the AI agents sounds cool, as long as legit players don’t get mistakenly banned. I didn’t realize cheating was such a huge problem these days until I started playing CS2 again. I used to scrim 1.6 Back in the day and never really had that problem that I can remember.
Client side anti-cheat (the one installed on your PC) will never work, it’s just fundamentally impossible. They can restrict user freedom as much as they want, but the hardware still isn’t under their control.
The only reason they push for those kinds of anti-cheats is because they don’t have to pay for the extra processing of server side anti-cheat, and they also get the benefit of a backdoor into your computer that you may never fully uninstall without buying a new computer.
That statement is to easy. It all depends on how much permissions you give the game and in what kind of environment you execute your game. From sandboxing to inmutable root file systems there is a lot possible to exactly prevent this to happen.
I mean, it’s like saying Pentagon security can’t work because some skilled hackers can someday find a way to spoof / steal credentials. Security always happens on a sliding scale based on the value of the contents.
I think at the very least, they can take steps that inconvenience hackers sufficiently each update without harming players - they can’t make it impossible to hack on the client side, but they can’t make it feel not worth it for them.
The reason I sort of insist on it is that even with serverside checks for game logic like teleportation and instant kills, game engines still load the data for player positions which allow for wallhacks and aimhacks. Those checks can only happen clientside; you can’t even send mouse positions often enough to look for “snaps”.
At the least, I agree that modern coders have gotten very lazy about having the server verify basic actions. “Okay, player 22 deals 8000 damage to every other player in the server simultaneously? Okay.”
Some of it does, some of it doesn’t, the critique is that kernel level stuff is way more than needed against most cheaters but not enough against the most dedicated ones, and it is invasive as hell.
The best anticheat is good netcode and server side checks. You can’t wallhack if your client doesn’t see behind the walls.
bin.pol.social
Najnowsze